mbedtls_pk_parse_key: don't allocate if not needed

mbedtls_pk_parse_key() makes a temporary copy of the key when it calls pk_parse_key_pkcs8_encrypted_der(), because that function requires a writable buffer. pk_parse_key_pkcs8_encrypted_der() always rejects an empty password, so skip calling it in that case, which allows us to skip the allocation as well. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-07-29 11:41:15 +03:00 · 2021-12-10 17:36:37 +01:00
parent d5b2a59826
commit 0ca219575a
2 changed files with 4 additions and 0 deletions
--- a/library/pkparse.c
+++ b/library/pkparse.c
@ -1343,6 +1343,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
     * error
     */
 #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
+    if( pwdlen != 0 )
    {
        unsigned char *key_copy;